1. Field of Invention
The present invention relates to network security, and more particularly, to an encryption processor for performing accelerated computations to establish secure network sessions.
2. Description of the Related Art
For Virtual Private Networks (VPN) and E-commerce applications, security is the number one concern. For VPN applications, the commonly used security protocol is Internet Protocol Security (IPSec). For E-commerce applications, the security protocol deployed is Secure Socket Layer (SSL). SSL is embedded in every web browser. Before an SSL session can be established, symmetrical keys need to be established at both the client and server. This is accomplished by the use of a public key operation by the client and a private key operation by the server. In other words, the client uses the public key of the server to encrypt a message which is then sent to the server. The message is then decrypted by the server using its own private key (only the server knows its own private key). Once the message is decrypted, both the client and server have the same message to generate a symmetrical key. They can use the symmetrical key to encrypt/decrypt any messages transmitted and received between the client and server. Thus a private SSL session is established.
The IPSec session keys are typically established using Diffie-Hellman (DH) algorithm in the Internet Key Exchange (IFE) protocol. IKE also utilizes RSA and Digital Signature Algorithm (DSA) algorithms for Public Key Infra-structure (PKI). The algorithms used in SSL are RSA, DH, and DSA. RSA Is by far the most used algorithm in SSL protocol because its simplicity and its easy integration with PKI. However DH and DSA are also occasionally used in SSL. DSA is the algorithm favored by government agencies. Common to all three algorithms is the time-consuming modular exponentiation (C=Me mod N) operation. One problem with the aforementioned security protocols is the time involved in computing the modular exponentiation (C=Me mod N) operation. Typically, the values of C and N are both 1024 bits wide. The value of exponent e can also be as large as 1024 bits wide. For example, the RSA private key decryption used by a server commonly has an exponent 1024 bits wide for stronger security. This means the calculation is extremely computation intensive, often resulting in relatively long delays before a secure connection is established. This problem is further compounded by the fact that the computation is typically performed by 32 or 64 bit microprocessor(s) in a server and not a dedicated device.
The Montgomery method for modular exponentiation is a technique that provides efficient implementation of modular multiplication without explicitly carrying out the classic modular reduction step. A modular multiplication usually consists of two operations: (1) multiplication and (2) modular reduction. The classic modular reduction step typically involves long division operation. For digital systems, division is a tedious operation and takes many clock cycles to complete. Montgomery method effectively removes many division operations required in the classic modular exponentiation operation and speeds up the total execution time for modular exponentiation. Montgomery method converts the classic modular exponentiation operation to a different residue space (the step is called Montgomery reduction operation). If a residue space of 2n, where n is the length of modulus N in base 2, is chosen, the subsequent modular multiplication operations embedded in the modular exponentiation operation become two multi-precision multiplication operations followed by one right shift operation. For more information on the Montgomery method, see P. Montgomery, “Modular Multiplication Without Trial Division”, Mathematics of Computation, 44 (1985), pp 519-521.
Although helpful, the use of Montgomery mathematics is still too slow when implemented by a standard microprocessor in a server. This is particularly true at a busy web site where many Internet users are seeking to establish secure communications with the server because the SSL related computations consume an inordinate amount of the microprocessors time and resources.
An encryption processor for performing accelerated computations to establish secure network sessions is therefore needed.